Malicious
Malicious

58a6d9e8541a979641e45ed6a8ce7450

MS Word Document
|
MD5: 58a6d9e8541a979641e45ed6a8ce7450
|
Size: 925.48 KB
|
application/msword

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
58a6d9e8541a979641e45ed6a8ce7450
Sha1
6417e3a27cbda572c02fa2da68ceb1e27e1a2ff2
Sha256
cdc7c2d40b1e404f7ad949349b0763ee8ea2038afd21ecd6c5285e3e73912297
Sha384
dfcf4982962577f9995a53bcf9d5c6432ad08436c36423d20d383bc5a875d6f216c8706441cce275868f1dc256f21648
Sha512
2d90d037313b69dc661ab949aaf13ecaf27f144cc9da89756394f6ff250bb2b3e6417333464756e4063cf79a9ba6aad50231427963caed59426c3911dce08321
SSDeep
24576:o2gdrFt1+RHl5DujKD4B6UTuEY1qrxDv25uT+FROW:gxtgx8KDk6UTud1qrxDO5DFRd
TLSH
1115227B07EA787EC84D46FB9363B67238292D48D67C7A15884753CE6A0004F17899FB
File Structure
58a6d9e8541a979641e45ed6a8ce7450
Malicious
[Content_Types].xml
docProps
app.xml
core.xml
word
Malicious
document.xml
Earche.rtf
endnotes.xml
fontTable.xml
footer1.xml
footnotes.xml
numbering.xml
settings.xml
styles.xml
webSettings.xml
theme
theme1.xml
_rels
Malicious
document.xml.rels
settings.xml.rels
Malicious
_rels
.rels
Malware Configuration - Remote Template
Config. Field
 Value
Target

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
Path

settings.xml.rels
XPath

/Relationships/Relationship
Outer XML

<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" Target="file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx" TargetMode="External" xmlns="http://schemas.openxmlformats.org/package/2006/relationships" />
Artefacts
Name
 Value
Remote Template - Highly Suspicious

file:///C:\Users\John\AppData\Roaming\Microsoft\Templates\Student%20report%20with%20photo.dotx
58a6d9e8541a979641e45ed6a8ce7450 (925.48 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙